Tag: Asia

A piece I wrote ahead of Facebook’s IPO, casting a skeptical eye over assumptions that Asia would continue to be a source of major growth for the company.

Even as Facebook fever grips investors ahead of the social networking giant’s potential $100 billion-plus initial public offering, its breakneck growth in Asia may be slowing as it moves beyond desktop users to those who access the Internet largely or solely from a mobile phone.

In March, Facebook revised its own SEC filings to scale back its scope for further growth in India – its third-biggest user base and the largest population it currently has access to – China remains off-limits to Facebook. And independent data show that user numbers in Indonesia and the Philippines, its other largest Asia user bases, have actually fallen off slightly in the past three months.

The Washington Post report that it seems the attack on South Korea’s Nonghyup agricultural bank back in April was the work of North Korea. The evidence?

South Korean investigators said they determined that 10 servers used in the bank incident were the same ones used in previous cyberattack operations against South Korea, including one in 2009 and another in March, that they blamed on the North. Investigators say they determined, for instance, that a “command and control” server used in the 2009 operation was registered to a North Korean government agency operating in China.

This is interesting. Command and control servers are compromised computers that are used by bad guys to “run” other computers—zombies—that actually do the grunt work. There’s definitely a common thread between the 2009 and 2011 DDOS attacks, and plenty of circumstan

We have collected logs that reveal the full extent of the victim population since mid-2006 when the log collection began. Note that the actual intrusion activity may have begun well before that time but that is the earliest evidence we have for the start of the compromises.

This was around the time that Julian Assange was building up the content that, he recounted in emails at the time, that his hard drives were filling up with eavesdropped documents:

We have received over 1 million documents from 13 countries, despite not having publicly launched yet! (Wikileaks Leak, Jan, 2007)

There were, however, reports in mid 2006 of largescale theft of documents: State Dept (May), and NIPRNet (June), US War College (Sept) and German organisations (October).

I would like to see more data from McAfee and, in the interests of transparency, at least the metadata from the still unrevealed WikiLeaks stash in order to do some note comparing and triangulation. I’d also like to see this material compared with the groundbreaking work by three young Taiwanese white hats, who have sifted through malware samples to try to group together some of these APTs: APT Secrets in Asia – InSun的日志 – 网易博客.

“Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) mitigation services, today announced it successfully mitigated another major DDoS attack of unprecedented size in terms of packet-per-second volume. Prolexic cautions that global organizations should consider the attack an early warning of the escalating magnitude of similar DDoS threats that are likely to become more prevalent in the next 6 to 8 months.”

“It was expected. We knew sooner or later Sony would enlist outside help”. Pressed on whether Anonymous would take out Prolexic, Takai showed confidence in the ‘hacktavist’s’ upcoming retaliation, stating “well, if I had to put money on it … I’d say, Prolexic is going down like a two dollar wh*** in a Nevada chicken ranch ”. He did admit that the company “is quite formidable” and congratulated “them for doing so well”, but again he warned “We do however have ways for dealing with the ‘Prolexic’ factor”.

The website also quoted Anonymous members expressing frustration at the new defences, but that they appeared to be confident they would eventually prevail. That doesn’t seem to have happened.

Prolexic’s press release says the attacks had been going on for months before the client approached the company. The size of the attack, the company said, was staggering:

According to Paul Sop, chief technology officer at Prolexic, the volume reached levels of approximately 25 million packets per second, a rate that can overwhelm the routers and DDoS mitigation appliances of an ISP or major carrier. In contrast, most high-end border routers can forward 70,000 packets per second in typical deployments. In addition, Prolexic’s security experts found 176,000 remotely controlled PCs, or bots, in the attacker’s botnet (robot network). This represents a significant threat as typically only 5,000-10,000 bots have been employed in the five previous attacks mitigated by Prolexic.

It does not say why it considers the attack over, now gives any timeline for the attack. But if it is Sony, it presumably means that Anonymous has withdrawn for now or is preoccupied with other things. Prolexic, however, is probably right when it warns this is a harbinger of things to come:

“Prolexic sees this massive attack in Asia with millions of packets per second as an early warning beacon of the increasing magnitude of DDoS attacks that may be on the horizon for Europe and North America in the next 6 to 8 months,” Sop said. “High risk clients, such as those extremely large companies in the gaming and gambling industries in Asia, are usually the first targets of these huge botnets just to see how successful they can be.”

(Not tech related, this, so please skip if the IMF and Indonesia don’t float your boat. The BBC World Service Business Daily version of my piece on the IMF’s role in the Asian financial crisis of 1997/8 . (The Business Daily podcast is here.)

Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.

To listen to Business Daily on the radio, tune into BBC World Service at the following times, or click here.